Electronic discovery, commonly referred to as e-discovery, refers to any process in which electronic data is sought, located, secured and searched with the intent of using it as evidence in a legal proceeding, an audit, a securities investigation, a forensics investigation or the like. E-discovery can be carried out offline on a particular computer or it can be accomplished in a network environment.
The nature of digital data makes it extremely well-suited for investigation. In particular, digital data can be electronically searched with ease, whereas paper documents must be scrutinized manually. Furthermore, digital data is difficult or impossible to completely destroy, particularly if the data is stored in a network environment. This is because the data appears on multiple hard drives, and because digital files, even if deleted, generally can be undeleted. In fact, the only reliable means of destroying digital data is to physically destroy any and all hard drives where it is stored.
In the process of electronic discovery, data of all types can serve as evidence. This can include text, image, calendar event data, databases, spreadsheets, audio files, multimedia files, web sites and computer programs. Electronic mail (i.e., e-mail) can be an especially valuable source of evidence in civil or criminal litigation, because people are often less careful in these exchanges than in hard copy correspondence such as written memos or postal letters.
E-discovery is an evolving field that goes far beyond mere technology. It gives rise to multiple issues, many of which have yet to be resolved. For example, e-discovery in large corporate or enterprise environments, which may have multitude of cases ongoing at any one point in time, results in an enormous amount of data that is required to be stored. Such a high volume data storage requirement means that corporations and/or enterprises have to support an extensive infrastructure of storage capacity. This issue is exasperated, in that, internal or external (e.g., government regulatory) compliance rules dictate that certain data be stored for a predetermined period of time after a case or matter has been closed. Moreover, while corporations and enterprises may out-source actual data storage to third-party entities, the corporations and enterprises typically feel a need to retain internal storage of those files or data stored at third party entities for a predetermined period of time. Additionally, the processing of data throughout the overall e-discovery process typically results in what is referred to herein, as “work product”; data files that include redundant data, corrupt data or the like, which may be kept in storage while a case is active but may no longer be required to be stored once the case has closed.
While corporations and enterprises can choose to permanently retain the data, such data retention policies not only require an ever increasing amount of storage capacity but also pose a security/exposed data risk. Therefore, most corporations and/or enterprises implement data destruction (i.e., purge) policies that dictate that data be systematically and permanently removed from storage based on pre-defined purge rules and/or criteria. In large corporations or enterprises in which different business entities, lines-of-business or the like may define their own data destruction/purge rules, the management of such data purging can be a daunting task. Manual purging of data has proven to be an inefficient process, which can result in either erroneous data being purged or the failure to purge data that otherwise requires such. Up until now, automated purging within the context of e-discovery data has been limited to purging at the case level, in other words, all the data associated with a specified case is purged at a specified time (i.e., an entire database of data is purged). Such purging does not readily provide for individual business rules to be applied based on the requirements of different business entities, lines-of-business or the like within the corporation or business entity nor does it allow for progressive purging of files within a case based on purge policies applicable at the file level.
Therefore, a need exists to provide for a precise, efficient and accurate system for purging data within an electronic discovery system. The desired system should provide for determining which cases within the e-discovery system are currently eligible for purge based on predefined purge criteria, which may be defined at the business unit/line-of business level. Once cases are identified, the desired system should be capable of purging only those files within the case that meet predetermined purge policies. In addition, the desired system should provide for automated and comprehensive post-purge tracking of the purge process, as well as, automated notification of parties concerned with the purge process.